VIR Vulnerability Intelligence Relay

CVEs from 2022

6,001 normalized CVEs published or assigned in this year.

Total
6,001
critical
critical 88
high
high 1,239
medium
medium 887
low
low 24
% Critical
1.5%
% with KEV
2.2%
% with exploit
2.2%

Top vendors

Top products

  • jdk 116
  • jre 109
  • openjdk 100
  • zulu 82
  • graalvm 74
  • cloud_secure_agent 35
  • oncommand_insight 34
  • cloud_insights_acquisition_unit 34

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2022-2625 medium 5.5 3y ago Moderate: postgresql security update redhatrockylinuxsusedebian
CVE-2022-41862 medium 5.5 3y ago Moderate: postgresql security update redhatrockylinuxsusedebian
CVE-2022-4899 medium 5.5 3y ago Moderate: mysql security update redhatrockylinuxsusedebian+1
CVE-2022-36760 medium 5.5 3y ago Moderate: httpd security and bug fix update archdebianredhatrockylinux+2
CVE-2022-45873 medium 5.5 3y ago Moderate: systemd security update redhatsuserockylinuxdebian+1
CVE-2022-45061 medium 5.5 3y ago Moderate: python39:3.9 and python39-devel:3.9 security update rockylinuxredhatsusedebian
CVE-2022-37436 medium 5.5 3y ago Moderate: httpd security and bug fix update archdebianredhatrockylinux+2
CVE-2022-47024 medium 5.5 3y ago Moderate: vim security update archredhatsuserockylinux+2
CVE-2022-4415 medium 5.5 3y ago Moderate: systemd security update redhatrockylinuxsusedebian+1
CVE-2022-31628 medium 5.5 3y ago Moderate: php:8.1 security update rockylinuxredhatsusedebian+1
CVE-2022-31629 medium 5.5 3y ago Moderate: php:8.1 security update rockylinuxredhatdebianalmalinux
CVE-2022-31630 medium 5.5 3y ago Moderate: php:8.1 security update rockylinuxredhatsusedebian+1
CVE-2022-48303 medium 5.5 3y ago Moderate: tar security update redhatrockylinuxsusedebian
CVE-2022-40897 medium 5.5 3y ago Moderate: python-setuptools security update redhatrockylinuxsusedebian+1
CVE-2022-31631 medium 5.5 3y ago Moderate: php:8.1 security update rockylinuxredhatsusedebian+1
CVE-2022-4450 medium 5.5 3y ago Moderate: openssl security and bug fix update redhatrockylinuxsusedebian+2
CVE-2022-4304 medium 5.5 3y ago Moderate: openssl security and bug fix update redhatrockylinuxsusedebian+2
CVE-2022-4203 medium 5.5 3y ago Moderate: openssl security and bug fix update redhatsuserockylinuxdebian+2
CVE-2022-31197 medium 5.5 3y ago Moderate: postgresql-jdbc security update redhatsusedebianrockylinux+2
CVE-2022-42010 medium 5.5 3y ago Moderate: dbus security update archredhatdebianrockylinux+1
CVE-2022-41717 medium 5.5 3y ago Moderate: podman security and bug fix update rockylinuxredhatsusedebian+2
CVE-2022-40304 medium 5.5 3y ago Moderate: libxml2 security update redhatrockylinuxsusedebian
CVE-2022-26307 medium 5.5 3y ago Moderate: libreoffice security update archredhatrockylinuxsuse+2
CVE-2022-32221 medium 5.5 3y ago Moderate: curl security update redhatdebiansuserockylinux+1
CVE-2022-26305 medium 5.5 3y ago Moderate: libreoffice security update archredhatrockylinuxsuse+2
CVE-2022-40303 medium 5.5 3y ago Moderate: libxml2 security update redhatrockylinuxsusedebian
CVE-2022-2879 medium 5.5 3y ago Moderate: Image Builder security, bug fix, and enhancement update redhatrockylinuxsusedebian+1
CVE-2022-43680 medium 5.5 3y ago In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. redhatdebianrockylinuxsuse
CVE-2022-27664 medium 5.5 3y ago Moderate: toolbox security and bug fix update rockylinuxredhatsusedebian+2
CVE-2022-42012 medium 5.5 3y ago Moderate: dbus security update archredhatdebianrockylinux+1
CVE-2022-26306 medium 5.5 3y ago Moderate: libreoffice security update archredhatrockylinuxsuse+2
CVE-2022-2058 medium 5.5 3y ago Moderate: libtiff security update archredhatalmalinuxrockylinux+2
CVE-2022-2521 medium 5.5 3y ago Moderate: libtiff security update archredhatalmalinuxrockylinux+2
CVE-2022-2057 medium 5.5 3y ago Moderate: libtiff security update archredhatrockylinuxsuse+2
CVE-2022-2953 medium 5.5 3y ago Moderate: libtiff security update archredhatalmalinuxrockylinux+2
CVE-2022-2519 medium 5.5 3y ago Moderate: libtiff security update archredhatalmalinuxrockylinux+2
CVE-2022-2520 medium 5.5 3y ago Moderate: libtiff security update archredhatalmalinuxrockylinux+2
CVE-2022-42011 medium 5.5 3y ago Moderate: dbus security update archredhatdebianrockylinux+1
CVE-2022-41715 medium 5.5 3y ago Moderate: golang-github-cpuguy83-md2man security, bug fix, and enhancement update redhatalmalinuxrockylinuxsuse+2
CVE-2022-3140 medium 5.5 3y ago Moderate: libreoffice security update archredhatrockylinuxdebian+1
CVE-2022-2056 medium 5.5 3y ago Moderate: libtiff security update archredhatrockylinuxsuse+2
CVE-2022-3715 medium 5.5 3y ago Moderate: bash security update redhatdebianrockylinux
CVE-2022-3821 medium 5.5 3y ago Moderate: systemd security update redhatsuserockylinuxdebian
CVE-2022-2880 medium 5.5 3y ago Moderate: git-lfs security and bug fix update redhatrockylinuxsusedebian+1
CVE-2022-2867 medium 5.5 3y ago Moderate: libtiff security update archrockylinuxsusedebian
CVE-2022-2868 medium 5.5 3y ago Moderate: libtiff security update archrockylinuxsusedebian
CVE-2022-4144 medium 5.5 3y ago Moderate: virt:rhel and virt-devel:rhel security and bug fix update rockylinuxsusedebian
CVE-2022-2869 medium 5.5 3y ago Moderate: libtiff security update archrockylinuxsusedebian
CVE-2022-43548 medium 5.5 4y ago Moderate: nodejs:18 security, bug fix, and enhancement update redhatrockylinuxsusedebian+1
CVE-2022-3517 medium 5.5 4y ago Moderate: nodejs:18 security, bug fix, and enhancement update redhatrockylinuxdebianalmalinux+1
CVE-2022-45442 medium 5.5 4y ago Moderate: pcs security update redhatrockylinuxsusedebian+1
CVE-2022-24999 medium 5.5 4y ago Moderate: nodejs:14 security, bug fix, and enhancement update rockylinuxdebiannpm
CVE-2022-22629 medium 5.5 4y ago Moderate: webkit2gtk3 security and bug fix update redhatrockylinuxsusedebian
CVE-2022-48738 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Reject out of bounds values in snd_soc_put_volsw() We don't currently validate that the values being set are within th… redhatsusedebian
CVE-2022-0396 medium 5.5 4y ago Moderate: bind security update redhatdebianarchsuse+1
CVE-2022-1998 medium 5.5 4y ago A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user(). A local user could use this … redhatalmalinuxsusedebian
CVE-2022-28614 medium 5.5 4y ago Moderate: httpd security, bug fix, and enhancement update debianredhatarchrockylinux+2
CVE-2022-1280 medium 5.5 4y ago A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. This flaw allows a local user privilege attacker to cause a denial… redhatalmalinuxsusedebian
CVE-2022-3108 medium 5.5 4y ago An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check of the return value of kmemdup(). redhatsusedebian
CVE-2022-3107 medium 5.5 4y ago An issue was discovered in the Linux kernel through 5.16-rc6. netvsc_get_ethtool_stats in drivers/net/hyperv/netvsc_drv.c lacks check of the return value of kvmalloc_array() and will cause the null p… redhatsusedebian
CVE-2022-23825 medium 5.5 4y ago Moderate: kernel security, bug fix, and enhancement update redhatalmalinuxsuserockylinux+1
CVE-2022-21123 medium 5.5 4y ago Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. almalinuxredhatsuserockylinux+1
CVE-2022-20572 medium 5.5 4y ago In verity_target of dm-verity-target.c, there is a possible way to modify read-only files due to a missing permission check. This could lead to local escalation of privilege with System execution pri… redhatsusedebian
CVE-2022-0854 medium 5.5 4y ago A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space. redhatalmalinuxrockylinuxsuse+1
CVE-2022-0168 medium 5.5 4y ago A denial of service (DOS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS) due to an incorrect return from the memdup_u… almalinuxredhatarchrockylinux+2
CVE-2022-48936 medium 5.5 4y ago Moderate: kernel-rt security update redhatrockylinuxsuse
CVE-2022-1263 medium 5.5 4y ago A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, cau… redhatsusedebian
CVE-2022-48735 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix UAF of leds class devs at unbinding The LED class devices that are created by HD-audio codec drivers are registere… redhatsusedebian
CVE-2022-29581 medium 5.5 4y ago Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; ver… redhatalmalinuxrockylinuxsuse+1
CVE-2022-2850 medium 5.5 4y ago Moderate: 389-ds-base security, bug fix, and enhancement update debianredhatsuserockylinux
CVE-2022-32990 medium 5.5 4y ago Moderate: gimp security and enhancement update redhatsusedebianrockylinux
CVE-2022-22844 medium 5.5 4y ago Moderate: libtiff security update redhatarchrockylinuxsuse+2
CVE-2022-49297 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: nbd: fix io hung while disconnecting device In our tests, "qemu-nbd" triggers a io hung: INFO: task qemu-nbd:11445 blocked for m… redhatsusedebian
CVE-2022-26717 medium 5.5 4y ago Moderate: webkit2gtk3 security and bug fix update redhatarchrockylinuxsuse+1
CVE-2022-32189 medium 5.5 4y ago Moderate: toolbox security and bug fix update rockylinuxredhatsusedebian+2
CVE-2022-28693 medium 5.5 4y ago RHSA-2022:8267: kernel security, bug fix, and enhancement update (Moderate) redhatsuse
CVE-2022-49465 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: blk-throttle: Set BIO_THROTTLED when bio has been throttled 1.In current process, all bio will set the BIO_THROTTLED flag after _… redhatsusedebian
CVE-2022-49147 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: block: Fix the maximum minor value is blk_alloc_ext_minor() ida_alloc_range(..., min, max, ...) returns values from min to max, i… redhatsusedebian
CVE-2022-49145 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Avoid out of bounds access when parsing _CPC data If the NumEntries field in the _CPC return package is less than 2, … redhatsusedebian
CVE-2022-30699 medium 5.5 4y ago Moderate: unbound security, bug fix, and enhancement update redhatrockylinuxsusedebian
CVE-2022-49142 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: net: preserve skb_end_offset() in skb_unclone_keeptruesize() syzbot found another way to trigger the infamous WARN_ON_ONCE(delta … redhatsusedebian
CVE-2022-49152 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: XArray: Fix xas_create_range() when multi-order entry present If there is already an entry present that is of order >= XA_CHUNK_S… redhatsusedebian
CVE-2022-25308 medium 5.5 4y ago Moderate: fribidi security update redhatsuserockylinuxdebian
CVE-2022-25255 medium 5.5 4y ago Moderate: qt5 security and bug fix update redhatsuserockylinuxdebian+1
CVE-2022-32742 medium 5.5 4y ago Moderate: samba security, bug fix, and enhancement update redhatarchsuserockylinux+2
CVE-2022-27404 medium 5.5 4y ago Moderate: freetype security update redhatrockylinuxsusedebian
CVE-2022-1304 medium 5.5 4y ago Moderate: e2fsprogs security update redhatdebianrockylinuxsuse+1
CVE-2022-23816 medium 5.5 4y ago Moderate: kernel security, bug fix, and enhancement update redhatalmalinuxsuserockylinux
CVE-2022-49107 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leak in ceph_readdir when note_last_dentry returns error Reset the last_readdir at the same time, and add a comm… redhatsusedebian
CVE-2022-1354 medium 5.5 4y ago Moderate: libtiff security update archredhatdebianalmalinux
CVE-2022-1355 medium 5.5 4y ago Moderate: libtiff security update archredhatrockylinuxdebian+1
CVE-2022-30550 medium 5.5 4y ago Moderate: dovecot security and enhancement update archredhatdebianrockylinux+2
CVE-2022-30556 medium 5.5 4y ago Moderate: httpd security, bug fix, and enhancement update debianredhatarchrockylinux+2
CVE-2022-49090 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: arch/arm64: Fix topology initialization for core scheduling Arm64 systems rely on store_cpu_topology() to call update_siblings_ma… redhatsusedebian
CVE-2022-31813 medium 5.5 4y ago Moderate: httpd security, bug fix, and enhancement update debianredhatarchrockylinux+2
CVE-2022-50178 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: 8852a: rfk: fix div 0 exception The DPK is a kind of RF calibration whose algorithm is to fine tune parameters and c… redhatsusedebian
CVE-2022-30522 medium 5.5 4y ago Moderate: httpd security, bug fix, and enhancement update debianredhatarchsuse+2
CVE-2022-49060 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: net/smc: Fix NULL pointer dereference in smc_pnet_find_ib() dev_name() was called with dev.parent as argument but without to NULL… redhatsusedebian
CVE-2022-49330 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd syzbot got a new report [1] finally pointing to a very old bug, added in initia… redhatsusedebian
CVE-2022-29162 medium 5.5 4y ago Moderate: container-tools:4.0 security and bug fix update redhatarchsuserockylinux+2